Heartland Confirms that it Mistakenly Emailed Internal Documents

The Heartland Institute has confirmed in a prepared statement that it mistakenly emailed its board materials to an anonymous third party - confirming the source of the documents released here on the DeSmogBlog yesterday.

Heartland then goes on allege that one of the documents (the Climate Strategy) is a fake.

The DeSmogBlog has reviewed that Strategy document and compared its content to other material we have in hand. It addresses five elements:

The “Global Warming Curriculum for K-12 Classrooms” is also a Heartland budget item and has been confirmed independently by the author, Dr. David Wojick.

The Funding for Parallel Organizations; Funding for Selected Individuals Outside Heartland are both reproduced and confirmed in the Heartland budget. And Anthony Watts has confirmed independently the payments in Expanded Climate Communications.

The DeSmogBlog has received no direct communications from the Heartland Institute identifying any misstatement of fact in the “Climate Strategy” document and is therefore leaving the material available to those who may judge their content and veracity based on these and other sources.

Comments

It seems, for now, that Heartland is denying the authenticity of the “climate strategy.” I don’t know if I beleive them, but for now it’s probably wise to assume they are correct. It’s too bad we probably won’t be able to verify either way.

No but they are duplictious & lobby the general public on behalf of clients that seek to dupe the tax payer into believing there is no harm from their product - product defence. Meanwhile the costs of their damage is socialised, while their profits are privatised. Often with a nice injection of funds from the tax payer.

I would like to give an advise for checking the authenticity of the PDF in question.

This method should work if the person used a major public email service like Google or Yahoo.

The person who has the original email should download it with some client like Outlook or Thunderbird (but not The Bat, which has a buggy export) and post it as an .eml file - with headers and all.

The crucial part of the email is the DKIM signature. It is added by all major servers and it verifies not only the body of the email, but also the attachments and the main headers. There are several online DKIM verification forms, so verifying should not be a problem. If it passes verification, then it was indeed sent out from HI.

But it wasn’t sent from HI, we know that already. This was a social engineering hack: the hacker convinced a low-level person at HI that he was actually a board member, and convinced the HI person to re-send the board meeting information packet to a new email address.

HI claims that the Strategy Document is a fake, but it has an internal last-change date/time stamp that is within 2 minutes of the last-change date/time stamp of the IRS 990 document, which contains signatures, and which nobody is claiming is faked. So I think HI is lying because of the incendiary contents of the strategy document.

Whether it was straight from HI or from a HI employee is a detail. The test is to establish that it was sent from an address of a HI-associated person. Moreover, if the pdf is in the same email with other files acknowledged by HI to be authentic, it is also authentic.

The Strategy PDF may raise suspicion because it was created on Feb. 13, i.e. supposedly on the day (or the day before) the email was sent out by HI employee. The story is that the employee was asked to re-send the documents, supposedly they had been sent already. So why did this secretary (or whoever) need to scan the document if it was already available in electronic form? I suppose it could be argued that that person lost the trace of the electronic file and simply rescanned what (s)he had at hand in paper form. Possible. But still you see how it can raise suspicions.

The IRS form was created on 13.07.2011. The changes to both documents were made on Feb. 14, i.e. the date of release, so I don’t see how this proves authenticity (tho it doesn’t disprove it either). The documents may have been simply resaved by the DSB team or their source. That would create this late last change date. Easy to see how that could have happened too. Usually PDFs from the web are viewed in the browser window with the Adobe plugin. From this window they may also be saved to the hard disk (the “diskette” button). Probably the last-change date reflects the sequence in which the files were saved by the DSB team to their disks after being opened in the browser. In any case the last change date doesn’t prove anything either way.

It’s not so easy to dismiss HI’s claim of fakery too. They claim they will pursue the impersonator by legal means. That means they will have to give up the outgoing emails from that employee in unchanged electronic form to the police. And if these emails do really contain the PDF in question, and this info leaks, they will have a lot to answer for. And they know it. So either they’re being painfully stupid by lying about fakery knowing that they might be easily exposed, or…

The only way to really know is a forensic scan of the two PCs invovled in the communication. Typically the document creator will have a ton of copies and versions and variants all over the place in the deleted sectors of the PC.

If they are byte for byte, or at least content to content, then you’ve got the right stuff.

Anything short of that is pure conjecture. I’d want a police investigation to look further. I’d trust that.

(I’m not an expert, but I’ve worked with X-RCMP to uncover stolen documents from a company. I had to hunt through forensic drive scans to locate evidence.)

“Even if you know the document’s meta data format, that can be faked.”

I’m not talking about the document metadata tho. I’m talking about the digital signature added by many mail servers that certainly cannot be faked - that is, unless, you’ve hacked Google’s server (for example) and stole their encoding key. Such a feat has not been accomplished yet.

The only problem with this approach is that the DKIM sig can be turned off. But it is usually not, so it’s worth a try.

Most people don’t know about it, so it’s on by default. I know it exists in all the recent gmail correspondence I have, both incoming and outgoing - and I didn’t turn it on. So it doesn’t hurt to try.

There’s yet another possible way of verification, though weaker than DKIM.

If the original received email is on a web service like Gmail, one can simply make a video: logging into gmail account, finding the email in question, showing the attachments it has, showing the original plain text version with all the headers.

Maybe a very good hacker can fake such a feat, but it’s still at least something.

“So now we have three stories from Heartland (1) One is total fake (2) Some are altered and (3) They were sent out in error by a Heartland employee, meaning the docs are genuine.”

Uh, no. That’s not what they’re saying at all. What they are saying is that 1 is a fake, while others are at least based on the originals, and may or may not have been altered, which they will be able to check when some guy involved with these documents returns from whatever trip he is on. There is no contradiction in HI’s claims.

Also, it’s not “three stories” in any case, since your (1) and (2) are the same story.

Hello Sergey, there’s a big difference between ‘total fake’ and ‘some may have been altered’. Heartland needs to enlarge on their documents may have been altered gambit pointing out in what way they have been altered. Without that Heartland’s pretence that the truth is their business is exposed as a sham. If docs have been altered they are partially true, the salient question is which part Heartland ?

Are you the same Sergey Romanov behind the Holocaust Controversies blog ?

“Hello Sergey, there’s a big difference between ‘total fake’ and ‘some may have been altered’.”

Of course, but since these do not describe the same document(s), where is the contradiction? They allege that one document is an outright fake. They confirm that the rest of the documents were stolen, but leave the possibility that they may have been altered - until further checking by their director who had been traveling at the moment of the leak.

“Heartland needs to enlarge on their documents may have been altered gambit pointing out in what way they have been altered.”

Sure, and if they don’t in a couple of days, that means other documents haven’t been altered. Their claim about the alleged fake will still stand on its own merits (or lack thereof).

“ but leave the possibility that they may have been altered - until further checking by their director who had been traveling at the moment of the leak.”

Oh cmon. These are paid deniers & liars for hire. As if they are going to admit to the most damaging document. At least Phil Jones et al had the courage & decenncy to admit everything in the climategate emails were definately theirs, its just that a) deniers didnt know what they were looking at & so looked for negative words to invent new story lines & b) They only released 5000 out of 200,000. Knowing that the rest of the 195,000 would likely reveal the truth & deniers dont want that.

Heartland are people that are quite comfortable at lying. Why would this siutation buck the trend?

In this sub-thread I was simply pointing out that the explanations contained in the press-release are self-consistent. They may be false, but still consistent. The original commenter above contended that HI put out contradictory explanations, and that’s the claim I tried to address.

On further reflection, you were probably responding to my comment on (1) and (2) being the same story. What is meant is that those are two parts of the same story. They are not 2 stories that contradict each other.

I have picked up, thanks Bill at Deltoid, on the fact that the BBC did place an article by Richard Black on their website some time on the 15th February 2012. It must have been posted some time after I had looked after reading about the HI leak here and no reference to it, or another article, appeared on the 16th February 2012 when I was composing my message to the BBC. And I doubt that many would have found it at all.

The BBC article Openness: A Heartland-warming tale is at:

http://www.bbc.co.uk/news/science-environment-17048991

I also pondered on the GWPF and its coy attitude to revealing funding as their is considerable overlap in key people between the two as recorded at Sourcewatch:

Sorry, but just because I’m skeptical about a pdf from an anonymous source doesn’t make me a part of denialsphere. I came here from LGF, which is not known for tolerance to climate deniers. Me? I think climate denial is an intellectual (if not moral) equivalent of Holocaust denial. I wrote about Holocaust/climate denial nexus once upon a time. So let’s not knee-jerk, OK?

I have offered two viable, easy, possible ways to demonstrate the authenticity of the PDF in question, and thus possibly refute deniers at HI and destroy the shreds of their credibility once and for all. In my book that’s useful. I don’t see anybody else in this thread saying anything practically terribly useful on this issue, so I think your comment may be a bit misplaced.

Otherwise, I’m just hoping that we don’t have another Rathergate here. It would be a cunning plan too. Pretend to be a person who got secret denier documents. Plant a fake. Wait till the bloggers spread the story. Accuse the “warmists” of fakery. Make the story not about HI, and not about the content of the real documents, but about the fake.

Now, I’m not saying the PDF is a fake. Too early to tell. But I would think people would be more careful with “too good to be true” information from anonymous sources after 2004.

is the Marxist narrative that can’t distinguish the rights of a private enterprise (Heartland) by making a mindless comparison to the abuse of public resources that is Climategate and all it indicates.

Aside from the planted commentary of one fake document there is nothing indicated from Heartland thast represents “scandal”. The eco-left seems very confused on this point.

Did I miss the link to the apology for not calling Heartland to confirm the fake? This is a hate site isn’t it?

“Aside from the planted commentary of one fake document there is nothing indicated from Heartland thast represents “scandal”.

Wishful thinking no doubt.

“This is a hate site isn’t it?”

Ok, well, I guess you have a point there. Most people I have seen on this site hate lies & dishonesty. Busted I guess.

Maybes because you spend so much time in the denialsphere you have troubles distinguishing facts. Most people, perhaps even deniers knew these scientists were paid by the oil industry for spreading doubt & denial. Maybe thats a shock for some of the more deluded. But I must say, its funny watching Watts bailing the boat & nitrous injecting his spin over this one. I think it was always a given that Watts is funded by the fossil fuel industry, but its good to have the facts now.

“Heartland has agreed to help Anthony raise $88,000 for the project in 2011. The Anonymous

On Wednesday, HI’s press release claimed that at least one document is totally fake and the others could not be confirmed as unaltered because Joe Bast was traveling and had not been able to verify their authenticity.

Well, today Joe Bast found time to take apart and ‘rebut’ a New York Times article on the leak - line by line, but apparently has not had the opportunity to look at the documents that HI wants taken down from this site until they are verified.

In fact, he even mentions that desmogblog still has the documents online even though they are not verified yet, going so far as to claim that this may be a criminal act committed by desmogblog.

How can anyone trust this group of ‘scientists’ if they are unable to apply widely available technology that allows for document comparisons in less time than it takes to write a blog post rebutal that includes possible criminal accusations?

Happy traveling, Joe. And good luck finding an app store… being as how they’re so hard to find and all.

http://preview.tinyurl.com/travelingjoe

Pages

"Fossil-fuel companies have spent millions funding anti-global-warming think tanks, purposely creating a climate of doubt around the science. DeSmogBlog is the antidote to that obfuscation." ~ BRYAN WALSH, TIME MAGAZINE